[3.4] bpo-35746: Fix segfault in ssl's cert parser (GH-11569)#11868

Merged
larryhastings merged 2 commits into python/cpython:3.4 from vstinner:ssl_crl_bug34
Feb 25, 2019

Conversation

vstinner (Member) commented Feb 15, 2019

Fix a NULL pointer deref in the ssl module. The cert parser did not handle CRL
distribution points with an empty DP or URI correctly. A malicious or buggy
certificate can result in a segfault.

Vulnerability (TALOS-2018-0758) reported by Colin Read and Nicolas
Edet of Cisco.

Signed-off-by: Christian Heimes <christian@python.org>

(cherry picked from commit a37f524)

https://bugs.python.org/issue35746

vstinner (Member, Author) commented

I cannot test manually on my Fedora 29: compilation of the _ssl module fails with OpenSSL 1.1.1, but the test passed on Travis CI ("[112/391] test_ssl") and AppVeyor ("[360/391] test_ssl").

hroncok (Contributor) commented Feb 15, 2019

@vstinner You should be able to install compat-openssl10-devel and test with that one instead. You might need to remove openssl-devel first.

@larryhastings larryhastings merged commit 6c655ce into python:3.4 Feb 25, 2019
bedevere-bot commented

@larryhastings: Please replace # with GH- in the commit message next time. Thanks!

larryhastings (Contributor) commented

Thanks for the fix!

@vstinner vstinner deleted the ssl_crl_bug34 branch April 29, 2019 14:01
Labels: type-security (A security issue)
